SR-D38613 · Issue 510004
Login will not obfuscate data for unauthenticated requestor
Resolved in Pega Version 8.4
If prconfig.xml had URLencryption and SubmitObfuscatedURL enabled, logging off from the application and idling the login screen for 5-10 minutes resulted in an Http 400 error during the next login attempt and the app data had to be manually cleared. This has been resolved by setting the system to not obfuscate data if the requestor is unauthenticated.
SR-D40756 · Issue 508098
Null check added for missing IDP RelayState
Resolved in Pega Version 8.4
An "ArrayIndexOutOfBounds" exception was showing sporadically when using IDP Initiated SAML Login requests. This was traced to IDP not consistently providing the RelayState parameter to Pega, and the exception has been resolved with the addition of a null check. When the RelayState parameter is empty, the message "Missing Relaystate information in IDP Response" will be shown.
SR-D41454 · Issue 506536
Updated HotFix Manager for use in older versions
Resolved in Pega Version 8.4
The DL logic in Hotfix Manager was changed in 8.3 to include the catalog of all framework changes. This had the unintended side effect of preventing DLs from being installed in Pega 7.3.1 and lower versions as the versions included in the catalog are not present on those systems and the validation failed. This has been resolved by revising the DL update so the system will only add all apps to the catalog for platform 7.4+ DLs.
SR-D41482 · Issue 507884
SAML data pages restored after passivation
Resolved in Pega Version 8.4
If login used SAML SSO, resuming the session after passivation resulted in missing or empty data pages when using an SAP integration with Pega Cloud. This was traced to a security change that modified the D_SAMLAssertionDataPage and D_SamlSsoLoginInfo data pages as readonly, causing them to not be passivated under these conditions. To resolve this, the data pages have been made editable so they will be restored as expected. This change also resolves any difficulty with SAML logoff activities in conjunction with SAP and Pega Cloud.
SR-D41637 · Issue 512269
Mashup URLs will include thread name for better passivation recovery
Resolved in Pega Version 8.4
Mashup screens were distorted after keeping the screen idle for more than 1 hour and then trying to switch between accounts. Investigation showed that during SSO authentication the relaystate generated without including thread name in the URL, leading to the threadname not being passivated or made available during reactivation. To resolve this, the thread name will now be included in the URL.
SR-D43331 · Issue 510158
Run Ruleset Cleanup defaults to true
Resolved in Pega Version 8.4
After upgrade, the rule categories and rules were not showing correctly in the App view of the Dev Portal. Many warning messages were also logged related to the Decisioning DM Sample application. This was traced to the rules cleanup script not running properly. While there was a workaround of applying the ruleset cleanup scripts manually after removing the queries that reference the pr_engineclasses table, the cleanup will now be set to run by default (run.ruleset.cleanup=true). In addition, the logic to determine which RuleSets to include has been simplified and most of the pr4_rule_vw deletions have been combined.
SR-D44307 · Issue 509001
Refined dependency checking for Hotfix Manager
Resolved in Pega Version 8.4
The logic in Hotfix Manager was changed in 8.3 to include all Strategic Application hotfixes in the Catalog for platform versions 7.4+. However, because there are some edge cases where multiple hotfixes for different strategic application products have been shipped with the same rule changes, it was found that a DL packaged for one application could pick up hotfixes intended for another app. This prevented the DL from installing on systems where both apps were not installed. To avoid picking up these additional hotfixes, while the catalog shipped in the DL will continue to contain all apps, the system has been updated to use only a list of selected products when generating a catalog for calculating dependencies.
SR-D45014 · Issue 510895
Handling added for null pyrulesetversion during upgrade
Resolved in Pega Version 8.4
Attempting to upgrade from v.6 to v.8 failed during the import of RAP files. Investigation showed that there were 4 rows in the pr4_rule_file table which had a pyrulesetversion column of null. The corresponding pzrulesetversionmajor, pzrulesetversionminor, and pzrulesetversionpatch were set to -1 by the oracle_rulesetversion_columns_rules.sql script, but the upgrade was looking at the pyrulesetversion column. After the delete of these rows, the upgrade completed without issue. To resolve this, the system has been updated so that if it comes across an instance and can't determine its Major Version, the instance will be skipped.
SR-D45641 · Issue 518062
Report Definitions available as Product Rule class filter
Resolved in Pega Version 8.4
An enhancement has been added to support Report Definitions as filters for Product Rule Class instances. The system will continue to support List Views as filters for backwards compatibility, but List Views are deprecated and changing to Report Definitions is encouraged.
SR-D46681 · Issue 514434
SnapStart supports SAML2 Authentication
Resolved in Pega Version 8.4
When using an HTTP Post to SnapStart into Pega using PRCustom style or PRAuth style SAML authentication, the login was looping back to the login request. Investigation showed that the Pega ACS was posting data properly back to the RelayState URL, however the login activity was not getting the SAMLResponse and simply sent a SAML Login Request again. This has been fixed by updating reqContextURI in case of SAML2 Authentication service so pyActivity=value will be passed.